I work for a large web hosting company.. I wont give the name, but I see on a daily basis accounts getting hacked either for phishing or blackhat-seo. The vast majority of the sites are either running Joomla or Wordpress. One thing that a few of us that work there have been talking about is disabling 'wget'. Most of the hacks that I see use wget to install a shell, bot or proxy onto the account. We use cpanel as our backend mgmt tool for the client. I know Fantastico uses wget, which we are in the process of phasing out anyways and I know that some programs recommend wget to install their software, as well a some cron jobs use them.

It seems that an account gets hacked, then deactivated by our Abuse department only to get reinstated without it getting really cleaned out. The site gets hacked again hours later then deactivated and this process goes on until we tell the customer to find another host. Removing wget may help less sites get hacked and save us $$ in the long run.

Are there any other 'cons' to removing wget that I am not aware of?

Yes... We know how to disable wget. My question is what would the ramifications be if we disabled wget for our customers?

Would it be something that security experts recommend doing?

Instead of disabling, why not replace it with a script/binary that sends you an alert when it is used?  Rename the original wget with wget2 or something like that and tell your users to use it instead.  That way, you get automated alerts if a malicious user or script tries to use it.  You can do the same with curl as well since wget + curl are the most popular tools for downloading using the cli.